It's not easy to make it water-tight, but you might try something like this:
using cron, at the beginning of the period where you want to prevent users from running it, change the permissions on the firefox binary so it is not executable, and use killall to kill running firefox-bin processes.
When you want to allow access to firefox, just re-add the execute permission.
Note that the file /usr/bin/firefox is actually a symlink, and this is often to a wrapper script, not to th actual binary. On Hardy Heron, the actual firefox binary is /usr/lib/firefox-3.0b5/firefox.
Be aware that this method will not prevent a user running a different copy of firefox - -perhaps one installed into their home directory. Like I said, it's not easy to make it water-tight.
|